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Operational Legalities 
Legal Framework 
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Legal Framework 

Intelligence Services Act 1994 

• functions; property interference; oversight 

Human Rights Act 1998 

• public authorities must act in accordance with ECHR 

Regulation of Investigatory Powers Act 2000 

• interception; safeguards; oversight 

Wireless Telegraphy Act 2006 

• non-RIPA interception/interference 



This information is exempt under the Freedom of Information Act 20 00 CFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 
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Intelligence Services Act 

• applies to all operations under control of 
Director GCHQ 

• defines GCHQ's SIGINT function 

• prescribes purposes for SIGINT function: 
... National Security 

... Economic Well-being of the UK (EWB) 

... Prevention/detection of serious crime 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Human Rights Act 1998 

• incorporates the ECHR into UK law 

• requires all UK public authorities to act in 
accordance with the ECHR 

• allows actions against public authorities by 
aggrieved parties 

• RIPA, ISA and WTA are the vehicles through 
which ECHR or 'HRA compatibility' are met 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





The European Convention on 
Human Rights (ECHR) 

Article 8 is of most obvious relevance to GCHQ: 

^ 8 . 1 . “Everyone has the right to respect for his 
private and famiiy life, his home and his 
correspondence. ” 

8 . 2 . “There shall be no interference by a public 
authority with the exercise of this right except 
such as is in accordance with the law and is 
necessary in a democratic society. ..” 



This information is exempt under the Freedom of Information Act 200CHFOIA) ancHnay b^xempt under other UK information legislation. Refer any 

HHH x^^| or ^^B@gc hq.gst.gov.uk 





The European Convention on 

Human Rights 

“...in the interests of national security, public 
safety or the economic well-being of the 
country, for the prevention of disorder or 
crime, for the protection of public health and 
morals, or for the protection of the rights and 
freedoms of others. ” 




This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Need for authorisation 

• ensures compliance with requirements of 
ECHR and HRA 

• SIGINT - intercept/CNE - is illegal in UK 
without it (RIPA/CMA/WTA offences) 

• gives visibility of operational activities - to 
GCHQ seniors & SoS 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Authorisation 

Regulation of Investigatory Powers 

Act 2000 

Interception & surveillance 

Intelligence Services Act 1994 

CNE; Effects 

Wireless Telegraphy Act 2006 

Interception/ interference with wireless 

telegraphy 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 
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Regulation of Investigatory 
Powers Act 2000 (RIPA) 

^ interception in the UK of comms carried on a 
public or private telecommunications system 

x surveillance & covert human intelligence 
source (CHIS) activity 

^ acquisition of comms data 

^ not just applicable to GCHQ 



This information is exempt under the Freedom of Information Act 20 00 f FQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





RIPA warrants 

s. 8(4) 'external' warrants 

^ authorise 'at least one end foreign' interception 

x authorise selection according to Certificate 
entries 

^ target must be outside the UK (absent 
additional authorisation) 

^ ensure individuals' ECHR rights are protected 
on a world-wide basis 



This information is exempt under the Freedom of Information Act 20 00 f FQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





RIPA warrants 

s. 8(1) 'line-access' warrants 

warrant authorises target (person or premises) 
in the UK 

schedules give telecomms addresses 

schedules are served on those who can provide 
the communications (usually CSPs) 

PRESTON 



This information is exempt under the Freedom of Information Act 20 00 (FQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





RIPA warrants/certificates 



6 months' duration for NS, 3 months for SC 
^ approval and renewal by Secretary of State 
^ can be modified - addresses, categories 
^ urgency provisions 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





ISA warrants & authorisation 

• Computer Misuse Act 1990 (CMA) 

• s.5 warrant necessary if target computer is 
in the British Islands (NS only) 

• s.7 authorisation if elsewhere 

• mimics RIPA warrantry 

• s.7 subject to internal procedures 



This information is exempt under the Freedom of Information Act 20 00 CFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





ISA warrants & authorisation 



• 6 months' duration; NS/EWB only not SC 
for warrant but possible for authorisation 

• approval and renewal by Secretary of State 

^ no modification 

urgency/operational effectiveness 
provisions 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Wireless Telegraphy Act 

• authorises interception of wireless 
telegraphy, ie that not covered by RIPA 

• Secretary of State issues but without limit 
of time 

• still needs to be proportionate 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





RIPA Directed Surveillance 

Authorisations 

• GCHQ does directed surveillance when it 
observes a target with intention of gathering 
private data on the target's private life, 
associates and/or activities 

• excludes historical research eg computer 
forensics 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Questions? 




This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 
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Operational Legalities 
Tasking and Targeting 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Principles 



1. We operate within the law 

2. We can demonstrate that we operate 
within the law 

3. Staff have the information they need 
to be able to comply with the law 



This information is exempt under the Freedom of Information Act 20 00 CFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





All we do has to be: 



^ authorised - where necessary, under 
law (ISA, RIPA, WTA), or policy (STA/TTA) 

^ necessary - NS, EWB or SC; plus more 
specific intelligence requirements 

^ proportionate - manner and extent to 
which requirement is being met 



This information is exempt under the Freedom of Information Act 20 00 (FQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





What activities does that 

apply to? 



tasking 
targeting 
database queries 
TD 
SD 



access 

retention 

dissemination 

pioneering 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Tasking 

^ 'at least one-end foreign' interception is 
authorised by external RIPA 8(4) warrant 

^ selection is authorised according to 
Certificate entries 

^ ...ensures individuals' ECHR rights are 
protected on a world-wide basis 



This information is exempt under the Freedom of Information Act 20 00 f FQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Targeting 



• name 

• communications addresses 

• web service authentication data 

• ID card number or passport number 

• driving licence number 

• car registration number 

• bank card/credit card account numbers 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





BROAD OAK 



• strategic target knowledge database 

• users justify and review retention of target 
knowledge 

• justification of targeting selectors - 
separate, but may be cascaded from target. 
Will be default in future iteration of BROAD 
OAK 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 
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Source field - be specific 

s GCHQ report ref and date 
s SRI id and date 

s call records including root number 
s unique customer reference 

ALWAYS INCLUDE A DATE 

x e-mail from customer 
x voice 
x CRA 

This information is exempt under the Freedom of Information Act 200CHFOIA) ancHnay b^xempt under other UK information legislation. Refer any FOIA queries to GCHQ on 

x^^| or ^^B@gc hq.gsE.gov.uk 





Intelligence requirements 

use MIRANDA number that equates to 
intelligence requirement 

TD - improving specific target knowledge, 
identifying new sources etc - is justified by 
the intelligence requirement for that target 

BOT - tick 'SigDevt' box 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





HRA justification 

explain exactly why you are targeting this individual 

don't just repeat the MIRANDA number but add 
value 

BOT - cascade of target-level HRA justification to 
selectors 

your responsibility to amend if necessary 
indirect targeting 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





HRA justification 



s Russian Minster for Foreign affairs 

s dialling analysis links to Senior Russian energy 
policymaker 

s wife of Russian Minister, targeted to provide travel 
details of target 

s Employee at Chinese Embassy in London 

S Presidential Administration Experts Directorate; 
access to info on Russian policy affecting UK 

x Russian energy 
x Chinese weapons programme 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Revalidating targeting 

• make sure it is clear why you are continuing to 
invade this person's privacy, so: 

- record your justification for continuing targeting 

- make sure all fields contain the most recent information 
available 

- ongoing process 

• if you can no longer justify targeting, record your 
reason for deactivating and then deactivate 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Data content retrieval 

UDAQ, DISH FIRE, IIB 

• not all data in these bases is 'selected' 

• retrieval must be: 

- authorised (lawful) 

- necessary 

- proportionate 

• HRA screens; audit logs 

• target in UK - datamining STA 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 
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Local HWanec 






UDAQ 



^ JIC purpose 

^ use appropriate MIRANDA number 

^ explain why you are running this query 

^ principle applies to use of any Sigint 
database 

Currently a hidden slide 

This information is exempt under the Freedom of Information Act 200CHFOIA) ancHnay b^xempt under other UK information legislation. Refer any FOIA queries to GCHQ on 

x^^| or ^^B@gc hq.gsE.gov.uk 





Questions you should ask 

yourself 

• would my justification record be clear to a 
colleague? 

• have I justified invading this person's privacy? 

• will my successor understand? 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Audits 

IPTs currently carry out targeting audit 

- 10% of entries each year, randomly chosen 

- all UK entries each year, wildcards each audit 

quick check of record & key HRA aspects: 

- source field 

- HRA justification 

- MIRANDA number 

- revalidation 

UDAQ & Events also audited 

This information is exempt under the Freedom of Information Act 200CHFOIA) ancHnay b^xempt under other UK information legislation. Refer any FOIA queries to GCHQ on 

x^^| or ^^B@gc hq.gsE.gov.uk 





Questions? 





This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 






Operational Legalities 

Targeting: location and 

nationality 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Location, location, location 

x Law: specific RIPA authorisation for 
interception of a target located in the UK 

^ Policy: internal authorisation (STA) for a target 
outside the UK if nationality and/or location is 
sensitive 



^ all targets require HRA Justification (gchq is a 

public authority interfering with individuals' human rights) 





Location? 




• without other information, assume: 

- individual is in their country 

- mobile phone is in country of registration 

- email address with country digraph is there 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Location: belief & knowledge 

^ belief is not 100% knowledge with hindsight; 
you must not 'turn a blind eye' 

^ based on the information available at any 



particular time 

^ this may vary - so should our response 






Target arrives or is discovered 
to be in the UK.. .what next? 

Consider authorisation options 

^ continuation targeting - RIPA s.16(5) 

^ 5 working days (1 for SC) 

^ signed by GCHQ Directorate 

^ then over to customer - RIPA s.8(l) warrant 
or... 



This information is exempt under the Freedom of Information Act 200CHFOIA) ancHnay b^xempt under other UK information legislation. Refer any FOIA queries to GCHQ on 

x^^| or ^^B@gc hq.gsE.gov.uk 






Target in the UK...RIPA s.16(3) 

x frequent visitors to the UK or known targets 

^ SoS signature required - modification to 8(4) 
certificate 

^ new selectors may be used 
indirect targeting is not allowed 






If no authorisation is sought... 

^ examine and report traffic intercepted up to 
time you knew target was in UK ....then.... 

^ use B3M HRA 'register' to alert 

^ check location using events or THUGGEE 

^ examine a cut (B3M / UDAQ) every 48 hrs to 
check whereabouts 



This information is exempt under the Freedom of Information Act 200CHFOIA) ancHnay b^xempt under other UK information legislation. Refer any FOIA 

HHH x^^| or ^^B@gc hq.gsE.gov.uk 





Policy authorisations 

• STA and TTA provide records of actions 
where UK &/or British Overseas Territory 
law does not require authorisation 



• respect 2 nd Party sensitivities 

• actions are validated by a GCHQ senior (or 
nominated GC8s in ITT) 

• we can justify targeting if challenged 

• QC is mandatory 




This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 






Datamining STA 

• Datamining STA for target in UK - valid for 
two days 

- named SCS officer signs STA 

- one-off search 

• Count-only searches: no authorisation 
needed 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Special C2C authorisations 

• special access to email communications 

• NS only; limited criteria 

• 16(3) or STA also required if location or 
nationality sensitive 

• SCS or GC6 approval 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





SRA 



• authorises receipt of 2 or 3P intelligence on 
UK- based targets ... 

• ... where GCHQ has no authorisation 

• avoids indirect targeting 

• limited period only 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Operational Legalities 
SIGINT Development 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





SD justification 

• Enhancing GCHQ's capabilities is a national 
security purpose 

• TD - improving specific target knowledge, 
identifying new sources etc - is justified by 
the intelligence requirement for that target 
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SD proportionality 

Restrict to the minimum necessary: 

• refine wide initial terms 

• define length of task and/or volumes 

• limit dissemination and retention 

Aim: sustained targeting as soon as practicable 
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SD reporting 

you may report from SD traffic 

reporting guidelines reflect HRA requirements 
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Content or metadata? 

• voice mail boxes 

• SMS text 

• an email inside a message 

• email subject line 

• URL beyond the domain name 

(eg http : //www .myrail.com/que ry-text) 

• an attached routing diagram 
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Content or metadata? 

• IP address 

• email address 

• DTMF (tone dialling) 

• a URL up to the domain 
(eg http://www.myrail.com/ ) 

• location 
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Content or metadata? 



• password 

authentication to a communications service - 
communications data 

other passwords - content 

• cookie 

depends on data - may be either 
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Questions? 
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Second Parties 

Australia, Canada, 
New Zealand & USA 








GCHQ and Second Parties 



partners respect each others' laws and policies 

- 2 nd parties treat UK nationals as their own 

GCHQ must not ask a 2 nd party to do 
something for which we would need a warrant 



we must not task a 2 nd party with targeting 
that would be unlawful in that country 







USSID SP0018 

• No interception of persons in US without 
a warrant 

• Court order needed to intercept US 
persons outside the USA 

• your use of NSA collection & databases 
must respe ct 2 nd Party la ws and policies 
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Operational Legalities 



Dissemination & 
Disclosure 
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Dissemination 



EP is sole vehicle for passing intelligence 
to customers 

^ Reporting Standards applies 
proportionality principle to EP 
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Disclosure 



SIGINT collected under RIPA may not be 
used in court 

Relevance to prosecutions 
^ Public Interest Immunity - PII certificates 
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Questions? 
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Operational Legalities 
Safeguards and Oversight 
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M or H 
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RIPA safeguards 

^ intercepted material must be destroyed as 
soon as its retention is no longer necessary... 

^ it must be looked at, copied and disseminated 
to the minimum necessary... 

...for a purpose authorised under the Act 

^ as a matter of policy, GCHQ applies this ethos 
to all material it acquires, regardless of source 

^ policies for EP and data retention 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Errors and breaches 



^ mistakes happen and we report them 

^ OPP-LEG and LA role: help & advice 

^ an apparent error may be: 

breaking the law ® 

a breach of RIPA safeguards O 

* nothing to worry about! O 

^ response: procedures, processes & training 
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Political oversight 

Executive - a Secretary of State exercises 
authority over the I & S services and is 
answerable to Parliament 

^ Parliament - Intelligence & Security 
Committee examines expenditure, 
administration and policy (not operations); 
members within the circle of secrecy; reports 
annually to Parliament 
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Judicial oversight: 
Commissioners 

Senior Judges: independent of HMG and 
Parliament 

review Secretary of State's use of powers 
under RIPA/ISA 

^ guaranteed access to agencies 
^ annual reports to the Prime Minister 



This information is exempt under the Freedom of Information Act 2Q QQ fFQIA ) and m ay be exe mpt under other UK information legislation. Refer any FOIA queries to GCHQ on 

or ^^B@gc hq.gsE.gov.uk 





Investigatory Powers 
Tribunal (IPT) 

comprises 8 independent lawyers 

investigates complaints against Agencies, law 
enforcement etc 

anyone, anywhere may complain 

more than 40 people within GCHQ assist in 
responding to complaint; audit logs 
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The Tribunal will ask... 

• what did we do? 

• was the action authorised ? 

• was it necessary ? 

• was it proportionate ? 

• did GCHQ act reasonably & within its powers? 
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Operational Legalities 

Wrap up 
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Key points: 'GCHQ does it legally 



1. Your work must be 



- authorised 

- necessary 

- proportionate 




2. Location: 

beware UK & UKUSA 
- seek authorisation 



3. Errors: we are 

honest and report them 

Currently a hidden slide 
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What does this mean for me? 



• Collection/technical staff: know what you can 
and cannot intercept 

• Collection manager: help analysts ensure 
selectors are justified and proportionate 

• Analyst/linauist: justify your targeting, seek 
warrant or STA where necessary 

• Reporter: report only what is necessary to 
address the requirement 



Currently a hidden slide 
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Contacts 



• visit OPP-LEG in B4a 

• call RUSSETT 36559 

• OPP-LEG web pages & compliance website 

• speak to your Legal POC 
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Legal & PoOicy Leads 














Questions? 
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Operational Legalities 




Protective marking of these notes: SECRET STRAP1 

Protective marking of slides: UNCLASSIFIED + 
CORINTH 



Intro; welcome; aims - legal framework and how to apply this in day- 
to-day work 



GCHQ operates within the law; everyone's responsibility; but we're 
here to help 

Training is part of that 
But we also: 

•Offer advice (desk, legal inbox, etc) - aim for prompt service; lawyers 
always on hand as well; 

•Deal with warrantry and disclosure 

•Help shape new tools and applications 

•Develop new policy as new requirements emerge, esp. with new 
techniques, accesses etc that analysts want to exploit 

Our job is to enable Sigint: we have processes that enable us to do 
things that would be illegal to the man on the street 

But with that comes responsibilities. 
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Not for display 



• Beware: there are several hidden slides 
in this presentation. If you see this you 
will also see the other hidden ones. 

• To find which are hidden, use slide 
sorter view 

• There's a print option to ignore hidden 
slides 



hidden slide 



Agenda 

Legal Framework 

Tasking & Targeting 
incl Location/Nationality 
Coffee/tea 
SD 

Second Parties 
Dissemination & Disclosure 
Safeguards & Oversight 
Wrap-up 




What's OUT 

Data Protection 
Official Secrets 

FOIA 
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Structure 

Blue = lawyer, green = OPP-LEG-er (red = audience) 

30-minute brief intro to legal framework - lawyer 

30 minutes on how this is applied to tasking and targeting - OPP-LEG 

15 minutes coffee-tea break when you can pick up and read quiz 
sheets 

15 minutes on SD and Second Parties - OPP-LEG 
15 minutes in groups to consider quiz 
15 minutes led discussion on quiz questions 
15 minutes on legal safeguards and oversight 
15 minutes for wrap-up and further questions 

Handouts on targeting and feedback sheet at the end 

Reporting governed by same principles as targeting so covered in 
general terms, but IPOL do the detailed guidance 

Happy to take questions as we go along but if they're on other areas 
please leave to the the end so we can be sure we've covered the main 
material first. Ask about jargon!! 






Operational Legalities 
Legal Framework 
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Legal Framework 

Intelligence Services Act 1994 

• functions; property interference; oversight 

Human Rights Act 1998 

• public authorities must act in accordance with ECHR 

Regulation of Investigatory Powers Act 2000 

• interception; safeguards; oversight 

Wireless Telegraphy Act 2006 

• non-RIPA interception/interference 

Tha irfbirndficn la nun# u refer [In freed cm vf Irfbrmrfcn Ail 2QQ^FUTAJ ijider rfher LK ir/cmWicn legablicn. Refer an/ FQTAqume; Cd GCHQ on 

or jcpi-juk 



• This is the legal framework that affect GCHQ Sigint operations and sets out 
the 3 main Acts. 

• ISA - governs the functions of GCHQ 



• HRA - helps protect people's privacy in general NOT just their 
communications eg people round Heathrow's new terminal feel their privacy 
is being violated 

• it gained Royal Assent in 1998 but didn't come into effect until 2 October 
2000 when RIPA was set up. 



• RIPA is the mechanism we use by which we make it ok to carry out 
interception 



• WTA covers interception of any wireless telegraphy not covered by RIPA 
Background: 

• HRA was a manifesto commitment of the new labour govt in 1997 to allow people 
under ECHR to pursue a case through the UK courts if grievance claim that their HR 
have been interfered with, rather than taking it to Strasbourg 

• Royal assent - act on statute books - signed by Queen 

• RIPA 2000 covered for interception and surveillance - comms data provided for 5 
January 2004 
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Intelligence Services Act 

• applies to all operations under control of 
Director GCHQ 

• defines GCHQ's SIGINT function 

• prescribes purposes for SIGINT function: 
... National Security 

... Economic Well-being of the UK (EWB) 

... Prevention/detection of serious crime 
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Until 1994, GCHQ and SIS did not have an act in law to define their 
function. 



BSS have the Security Services Act; ISA followed this. 



Definition: to monitor or interfere with electromagnetic, acoustic and 
other emissions and any equipment producing such emissions and to 
obtain and provide information derived from or related to such 
emissions or equipment and from encrypted material 



Advice and assistance about languages (GLASS); and cryptography 



Broad - covers passive collection; now also covers computer network 
exploitation; rare to find something that it doesn't cover. BUT Act 
does closely prescribe purposes for which GCHQ can exercise this 
function. 3 purposes. Jonny stealing a Mars Bar example! 



We are driven by customer requirements and need to make sure that 
what we are asked to do falls within these 3 categories 

(SC has four definitions, defined under RIPA). 



This is the hard law; it's the basic starting point; once we have 
established that work meets this, move onto other considerations. 



Human Rights Act 1998 

• incorporates the ECHR into UK law 

• requires all UK public authorities to act in 
accordance with the ECHR 

• allows actions against public authorities by 
aggrieved parties 

• RIPA, ISA and WTA are the vehicles through 
which ECHR or 'HRA compatibility 7 are met 
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ECHR: post WW2, nations combined to ensure atrocities didn't happen 
again 



•as a public authority it is unlawful for GCHQ to act in a way which is 
incompatible with a convention right 

• Public authorities are of 3 types: 

- government depts/health authorities/armed forces/police 
(NOT parliament) 

- courts and tribunals 

- person/org carrying out functions of public nature (eg 
Railtrack when acting as safety regulator but not as commercial 
property developer) 



• Some are absolute: eg. right to life, to protection from torture, 
inhuman and degrading treatment and punishment 

• Some are limited eg. the right to liberty (unless you commit an 
offence) and to a fair trial can be limited under expliat and finite 
circumstances defined in the Convention itself. 

• Others are 



Term HRA will be known to many of you if you target, use Corinth - 
easy to forget that this is part of UK law 



Point 3: compliance and oversight - more later 
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The European Convention on 
Human Rights (ECHR) 



Article 8 is of most obvious relevance to GCHQ: 

x 8.1. “ Everyone has the right to respect for his 
private and family life, his home and his 
correspondence. ” 

x 8.2. “ There shall be no interference by a public 
authority with the exercise of this right except 
such as is in accordance with the taw and is 

nennustan/ in a riamnnratin unniatv ” 



Obvious why relevant to GCHQ - examining forms of intercept; very 
intrusive. 

e.g. Heathrow night flights; partially successful. 

8.2 is key - right to privacy is not absolute. Public authorities may 
interfere with this if certain conditions are met. 

Brings concept of proportionality into UK law for first time. Ends 
must justify means; Sigint as last resort. 
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The European Convention on 
Human Rights 

• “...in the interests of national security, public 
safety or the economic well-being of the 
country, for the prevention of disorder or 
crime, for the protection of public health and 
morals, or for the protection of the rights and 
freedoms of others. ” 
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’Just' 3 at the moment. No reason why GCHQ's remit could not be 
changed in future but this is what we are allowed to do at the 
moment. 
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Need for authorisation 



• ensures compliance with requirements of 
ECHR and HRA 

• SIGINT - intercept/CNE - is illegal in UK 
without it (RIPA/CMA/WTA offences) 

• gives visibility of operational activities - to 
GCHQ seniors & SoS 
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1. Hard reason - criminal offence. Give example of journalist recently 
jailed. 

Civil servants are not immune from prosecution. 



2. Soft reason. Means that someone, usually SoS, makes a 
judgement of proportionality and necessity. 



3. Policy. 
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Authorisation 

Regulation of Investigatory Powers 

Act 2000 

Interception & surveillance 

Intelligence Services Act 1994 

CNE; Effects 

Wireless Telegraphy Act 2006 

Interception/ interference with wireless 

telegraphy 
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(Other considerations e.g. oversight) but this is what each one 
authorises. 



More detail on RIPA and ISA to follow 

Surveillance - for GCHQ, tends to be electronic surveillance (JTRIG) 
although covers more 'traditional' forms of surveillance 

WTA - e.g. police broadcasts 
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Regulation of Investigatory 
Powers Act 2000 (RIPA) 

interception in the UK of comms carried on a 
public or private telecommunications system 

* surveillance & covert human intelligence 
source (CHIS) activity 

^ acquisition of comms data 

* not just applicable to GCHQ 
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•RIPA - 

• provides for interception and surveillance by public authorities since HRA came 
into force 

• It focuses on rights of individuals located in the UK (regardless of nationality) 
and provides for warrants to be issued to authorise interception of comms 
(including comms outside UK) 



• Point 2 - GCHQ could do this in law but hasn't to date; Joint Section work with 
SIS; covered by their warrants. 

• Point 3 - covers data direct from CSPs 

•Also police, fraud office, anyone carrying out intercept 
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RIPA warrants 

s. 8(4) 'external' warrants 

authorise 'at least one end foreign' interception 

authorise selection according to Certificate 
entries 

target must be outside the UK (absent 
additional authorisation) 

ensure individuals' ECHR rights are protected 
on a world-wide basis 
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[Pass round copy of certificate - later] 



Mention SD and DefMon are covered 



We have 10 - one 'global' that covers Bude, MHS, Cyprus 



-others for special source accesses 



Selection of material governed by Certificate, speafying general 
categories of material, rather than a specific individual/selectors. 

Categories broadly mirror JIC requirements. 



Slide 4 - individual's rights protected on world-wide basis; also allows 
for anyone anywhere in the world to complain about our actions; 
means we can demonstrate to Tribunal that we have acted lawfully. 
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RIPA warrants 

s. 8(1) 'I i roe-access' warrants 

warrant authorises target (person or premises) 
in the UK 

schedules give telecomms addresses 

schedules are served on those who can provide 
the communications (usually CSPs) 

PRESTON 
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RIPA makes no distinction based on nationality (cf. 2Ps); there'll be a 
slide on this later. 



The address can be a tel no or an email address ; warrant signed by 
SoF but 



Schedules can be modified by WLD (Whitehall liaison department) or 
by a Director in an emergency 



GCHQ - all current warrants are against premises rather than 
individuals because of demarcation of responsibilities (us: foreign intel; 
BSS - internal UK - although we may do intercept for them) 

GCHQ - must have schedule served on it to target selectors on our 
external warrant; see error report in legal inbox 26/10/2007. 



Expand CSPs if not mentioned already - once served by a schedule, 
have to comply with it (law). GCHQ can also be served by schedules. 
GCHQ therefore insists on seeing copies of warrant schedules before 
taking action because of previous muck -ups which have had to be 
reported to the Commissioner. Involves simple, well-established 
comms process between OPP~LEG and SS warrantry team. 



Say: No schedule No targeting! 
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RIPA warrants/certificates 



^ 6 months' duration for NS, 3 months for SC 

* approval and renewal by Secretary of State 

* can be modified - addresses, categories 
urgency provisions 
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Urgency: 

-GCHQ senior official (on list) may sign: 

-urgent 8(1) warrant if expressly authorised by SoS 
-8(1) schedule modification 
-16(3) urgent modification 
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ISA warrants & authorisation 

• Computer Misuse Act 1990 (CMA) 

• s.5 warrant necessary if target computer is 
in the British Islands (NS only) 

• s.7 authorisation if elsewhere 

• mimics RIPA warrantry 

• s.7 subject to internal procedures 
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1. Criminal offence to interfere with someone's computer unless 
properly authorised. 

Viewed seriously in the UK; possible jail terms due to increase to 
between 5-10 years. 



2. Signed by SoS. 



3. Signed by SoS but individual operations signed by DO, allows CNE 
more flexibility. 
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ISA warrants & authorisation 



• 6 months' duration; NS/EWB only not SC 
for warrant but possible for authorisation 

• approval and renewal by Secretary of State 
no modification 

^ urgency/operational effectiveness 
provisions 
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Urgency: 

- GCHQ senior official (on list) may sign: 

- Urgent s.5 warrant to do something already authorised 
abroad under a s.7 authorisation 

- 5-day grace extension when machine enters UK 
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Wireless Telegraphy Act 

• authorises interception of wireless 
telegraphy, ie that not covered by RIPA 

• Secretary of State issues but without limit 
of time 

• still needs to be proportionate 
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RIPA Directed Surveillance 
Authorisations 



• GCHQ does directed surveillance when it 
observes a target with intention of gathering 
private data on the target's private life, 
associates and/or activities 

• excludes historical research eg computer 
forensics 
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Signed internally 
JTRIG induding JEDI pods 
Passive internet monitoring 
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Questions? 
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Operational Legalities 
Tasking and Targeting 
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So you've heard about the principal laws that affect our work. So the 
next part is what that means to us in practice. 
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Principles 



1. We operate within the law 

2. We can demonstrate that we operate 
within the law 

3. Staff have the information they need 
to be able to comply with the law 



The irfuma/lcn is c-xrntf under [hr freeckm rf Irtfcrmalcn Ad 2QQ^FUTA.)flndmfly bncntf under olter UK nfcrma/Cim fegelafiDn. Refer any FOJAtjLmcs Ed CCHQ cn I 

Dr ^^H&f£h£j.g9 .cp'd'.ij-:. 
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All we do has to be: 



authorised - where necessary, under 
law (ISA, RIPA, WTA), or policy (STA/TTA) 

^ necessary - NS, EWB or SC; plus more 
specific intelligence requirements 

^ proportionate - manner and extent to 
which requirement is being met 



The irtfcrmafEms enema under [hr hreeckm rf IiYcrmJcn Ad 2CKj^!hOTAj ^^nema under olter UK nfcrma/Cim fcgelflflm. Refer any FOIAtfenea Ed GCHQ cn I 

or Jjp't.'l'-. 



Some fields in Corinth/UDAQ (and others in due course) are there for 
legal compliance reasons. Not a 'nice-to-have'. Used by OPP^LEG to 
audit actions. 



Proportionate - often the most challenging. Given the aim, the 
conduct proposed is reasonable. 
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What activities does that 
apply to? 



tasking 
targeting 
database queries 
TD 
SD 



access 

retention 

dissemination 

pioneering 



The irtfcrmafEms c-xrntf under Or freeckm of IrtfcrmalEn Ad 2QQ^FO^)flndm ay talent* under Dlhcr UK nlfcrma/Cim fegelafiDn. Refer any FOIAtfenea Ed GCHQ cn I 

or ^^H&f£h£j.g9 .cp'j.iJ-:. 
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Tasking 

'at least one-end foreign" interception is 
authorised by external RIPA 8(4) warrant 

selection is authorised according to 
Certificate entries 

...ensures individuals 7 ECHR rights are 
protected on a world-wide basis 



The irtfcrmafEnis rirrrt/ under fl-e Freeckm rf IiYcrmJcn Ad jOA^fOTAj under other LK nfbrma/Cim bgclaflcn. Refer any PQJA£(Lene3 to GCHQ m 

j£|M or ^^H^gchqjgu ipv.Lk 



Pass round copy of certificate — NB 'eyes' marking 

Mention SD and DefMon are covered 

We have about ten - one'global'that covers Bude, MHS, Cyprus 
-others for special source accesses 

-Renewal every 6 months - you might have been asked for highlights 
-Certificate entries refine Intelligence topics 
-New entries can be made e.g. Electronic Attack 
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Targeting 

• name 

• communications addresses 

• web service authentication data 

• ID card number or passport number 

• driving licence number 

• car registration number 

• bank card/credit card account numbers 

The irtfcrmdEnis rirrrt/ under fl-e Freeckm rf IiYcrmJcn Ad 20A^!rOTAj an^map- under other LK nfcrma/Cim bgclaflcn. Refer arp 1 FOIA. tf.cn es to GCHQ m 

j£|M or ^^H^gchqjgu ipv.Lk 



Any of these terms are referable to an individual so need to follow the 
A, N, P rule. 
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BROAD OAK 



* strategic target knowledge database 

* users justify and review retention of target 
knowledge 

* justification of targeting selectors - 
separate, but may be cascaded from target. 
Will be default in future iteration of BROAD 
OAK 



The irtfcrmafEms c-xrntf under [hr freeckm rf IrtfcrmalEn Ad 2M^POTA.)flndmfly bncntf under Dlher UK nfcrma/Cim fegelafitTi. Refer any FOIAtjLmcs Ed GCHQ cn I 

or Jjp't.'l'-. 



Storage of TK not quite so sensitive/intrusive but still need to justify. 
BOT will replace Corinth (Release 4, Mar 09). 
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Show the fields that are there for legal compliance reasons: 



- .So Lirce 

-MIRANDA n umber 

-JIC purpose (in this case 3 NS) 

-HRA Justification 

-Authorisation: Sin this case a Warrant number cos target in UK 
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Source field - be specific 

s GCHQ report ref and date 
s SRI id and date 

s call records including root number 
s unique customer reference 

ALWAYS INCLUDE A DATE 

x e-mail from customer 
x voice 
x CRA 

The irtfcrmdEnis rirrrt/ under [hr Freeckm rf Jrtfcrmdcn Ad 2CKj^!hOTAj andmap I^^eihS under other UK nfcrma/Cim fegelaflcn. Refer any FOIAtfenea to GCHQ m 

|£[^H or ^^H^gchqjgu gsv.i 



Needs to be traceable as well as specific 
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Intelligence requirements 

• use MIRANDA number that equates to 
intelligence requirement 

• TD - improving specific target knowledge, 
identifying new sources etc - is justified by 
the intelligence requirement for that target 

• BOT - tick'SigDevt' box 



The irfcrmaicnia rirrrt/ under fl-e Freeckm rf Irfcrmalcn Ad 20A^!rOTAj an^merp- under other LK nfcrma/Cim bgclaflcn. Refer arp 1 FOIA. tf.cn es to GCHQ m 

or Jjp't.'l'-. 



Address indirect targeting issues; will come onto UK issues 
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HRA justification 

• explain exactly why you are targeting this individual 

• don't just repeat the MIRANDA number but add 
value 

• BOT - cascade of target-level HRA justification to 
selectors 

• your responsibility to amend if necessary 

• indirect targeting 

The irtfcrmafEnis rirrrt/ ureter hreerkm tif Irfcrmalcn Ail 2QQ^FUTA)flndmfly under other UK nltrmrficn bgeildjcn. Refer any PQJAtjLmea Ed GCHQ on 

or ipv.Lk 



Address indirect targeting issues; will come onto UK issues 



Indirect targeting - the use of a selector to identify and select the 
communications of one individual with a view to selecting and 
reporting the activities of another individual - the target; such targeting 
requires an authorisation appropriate to the location and nationality of 
the real target 

Indirect targeting is getting sustained intelligence on A by targeting B. 
(Wanting intelligence on B as well doesn't get you off the hook.) 



Point to note: it is using another selector to get at the 
communications of the target, not to find information about him. 

So it is fine to target a Swedish girl-friend of a person in the UK to find 
out info about him, as long as you defeat communications between the 
two of them. 
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HRA justification 



S Russian Minster for Foreign affairs 

S dialling analysis links to Senior Russian energy 
policymaker 

s wife of Russian Minister, targeted to provide travel 
details of target 

S Employee at Chinese Embassy in London 

S Presidential Administration Experts Directorate; 
access to info on Russian policy affecting UK 

x Russian energy 
x Chinese weapons programme 



The irtfcrmdEms enema under [hr freecbm rf IiYcrmJcn Ad 2QQ^FUTA.)flndmfly ta^ncma under Dlher UK nfcrma/Cim fegelafitn. Rrfcr any FOIAtfenea Ed GCHQ cn I 

or Jjp't.'l'-. 



All about proportionality 

I hid two lines at the foot of this slid^reset font colour) - not sure I 
can justify rejecting them! 

We could do with some non-ITT examples 
suspected terrorist temporarily removed 
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Revalidating targeting 

• make sure it is clear why you are continuing to 
invade this person's privacy, so: 

- record your justification for continuing targeting 

- make sure all fields contain the most recent information 
available 

- ongoing process 

• if you can no longer justify targeting, record your 
reason for deactivating and then deactivate 



The irtfcrmafEms enema under [hr hreerkm rf IiYcrmJcn Ad 2M^POTA.)flndmfly bncntf under Dlher UK nfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

j£|M or .Cp'j.iJ:. 



Revalidation - new requirement in BOT; it will be audited 
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Data content retrieval 

UDAQ, DISHFIRE, IIB 

• not all data in these bases is 'selected' 

• retrieval must be: 

- authorised (lawful) 

- necessary 

- proportionate 

• HRA screens; audit logs 

• target in UK - datamining STA 

The irtfcrmdEnis rirrrt/ under Ehc Freeckm rf IiYcrnWcn Ad 20A^!FOTAj an^map- under other LK nfcrma/Cim bgclaflcn. Refer arp 1 FOIA. tf.cn kj to GCHQ m 



Basis: data from authorised intercept, normally selected using a TND 
but scope could include some unselected data, eg from a survey 



Includes UDAQ (mixed), SAMDYCE (selected), DISHFIRE (mixed), 
MAM BOOKIE (selected) 

Issue: database users run queries and have potential to infringe 
human rights of innocent people through reading their 
communications 



Normal A - J - P implemented by the analyst 
Hence HRA screen 

Also logging of queries for audit and queries (more later) 
Querying is a form of targeting - hence STA requirement 
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UDAQ 



* JIC purpose 

use appropriate MIRANDA number 

explain why you are running this query 

principle applies to use of any Sigint 
database 

Currently a hidden slide 

The irfcrmfliBnis rirrrt/ under [hr Freeckm rf IiYcrmJcn Ad jOA^hOTAj an^map- under other LK nfcrma/Cim bgclaflcn. Refer any FOIAtfenea to GCHQ m 

j£j^H or Jjp't.'l'-. 
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Questions you should ask 
you rself 

• would my justification record be clear to a 
colleague? 

• have I justified invading this person's privacy? 

• will my successor understand? 



The irtfcrmdEnis rirrrt/ under fl-e Freeckm rf IiYcrmJcn Ad 20A^!rOTAj under other LK nfcrma/Cim bgclaflcn. Refer arp 1 FOIA. tf.cn es to GCHQ m 



Hidden - replaced by previous slide 
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Audits 

• IPTs currently carry out targeting audit 

- 10% of entries each year, randomly chosen 

- all UK entries each year, wildcards each audit 

• quick check of record & key HRA aspects: 

- source field 

- HRA justification 

- MIRANDA number 

- revalidation 

• UDAQ & Events also audited 

The irtfcrnufEms nmi/ under the hreerkm nf IiYcrnWcn Ad ay talent* under other LK nfcrma/Cim fegelafiDn. Refer any PQIAtjLencs Ed GCHQ m 

or Jjp't.'l'-. 



Audit mandated by SOB 

Not meant to be onerous 

IPTs conduct audit in different ways. 

Now finding that fewer entries need changing => compliance levels 
going up (education) 

Next stage - audit of other databases. 
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The irtfcrmafEms c-xrntf under [hr hreerkm rf IiYcrnWcn Ad 200^FDTA.Jflndmflif bncntf under olter UK nlfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

or ^^H&f£h£].g9 Jjp't.'l'-. 



15 minute break 
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Operational Legalities 

Targeting: location and 
nationality 



The irfcrmafEms enema under [hr hreerkm rf IiYcrmJcn Ad 2M^P0TA.)flndmfly bncntf under Dlher UK nlfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cr 

j£|M or ipv.Lk 



Pick up from lawyer's words on territoriality. 
RIPA - location - UK matters 
Policies address nationality issues 



Cause of a great many queries to OPP-LEG! 




Location, location, location 

Law: specific RIPA authorisation for 
interception of a target located in the UK 

^ Policy: internal authorisation (STA) for a target 
outside the UK if nationality and/or location is 
sensitive 



^ all targets require HRA justification (gchq is a 

public authority interfering with individuals' human rights) 




Distinguish serendipity from indirect targeting. (Dont scare people off 
doing valid and legal reporting) 

Location = law 

Nationality = policy 

Any 2Ps in the audience? 

Expand on Sensitive target - not covered later. 

May wish to mention here policy that a target entering a Second Party 
country must be detasked from all Second Party collection systems 
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Location? 



• without other information, assume: 

- individual is in their country 

- mobile phone is in country of registration 

- email address with country digraph is there 



The irtfcrmafEms c-xrntf under [hr freeckm rf IrtfcrmalEn Ad 2M^POTA.)flndmfly bncntf under Dlher UK nfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

or Jjp't.'l'-. 



Sensitive always trumps non-sensitive 



Location: belief & knowledge 

belief is not 100% knowledge with hindsight; 
you must not 'turn a blind eye" 

based on the information available at any 
particular time 

^ this may vary - so should our response 




“Tha irfbirnofiDn la Burnfl! underChE Freed cm of Irfbrmrfcn Ail 2QQ^FUTAJ ijider ether LK ir/cmWicn legablicn. Refer an/ FQTAqume; Ed GCHQ on 

or jcjri-juk 

•Not going into religion or philosophy - frequent topic of questions to 
OPP-LEG 



•The main thing is to record why you made your decision so that, if 
later it turns out to be incorrect, you have noted the reasons for 
believing what you did. 



• possibly BROAD OAK comments field 



• relies on honesty from analysts - in good faith 



• it's your judgement call - try to get collateral if possible to help make 
the decision - but do the best you can possibly do 
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Target arrives or is discovered 
to be in the UK.. .what next? 

Consider authorisation options 

^ continuation targeting - RIPA s.16(5) 

5 working days (1 for SC) 
signed by GCHQ Directorate 

x then over to customer - RIPA s.8(l) warrant 
or... 



The irtfcrmdEnis rirrrt/ under fl-e Freeckm rf IiYcrmJcn Ad 20A^!rOTAj under other LK nfcrma/Cim bgclaflcn. Refer any PQJAtjLenes to GCHQ m 

or ^^H^gdnqjgu Jjp't.'l'-. 




Target comes to UK - no longer have to take targeting off cover. In 
fact we should probably be more interested in why a target has come 
to the UK and want to do some work on this. There are other options. 



16(5) - 5 days from moment analyst realises target is in UK (1 day for 
SC). After this, need to apply for a warrant or drop targeting. Warrant 
could have schedule served on us. 16(5) on 8(4) collection. Only 
selectors you know about at the time, can't add new ones in. 
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Target in the UK...RIPA s.16(3) 

frequent visitors to the UK or known targets 

^ SoS signature required - modification to 8(4) 
certificate 

new selectors may be used 

indirect targeting is not aiiowed 




NB currently used only for counter-terrorism, serious crime, CP and Russian 
intelligence officers (March 2008) 

16(3) - you might know the name of the target; or it's a suspicious selector used 
by one or more unknown targets; business case from IPT, goes through various 
internal checks; OPP~LEG puts it into appropriate format -> SoS; renewed every 6 
months (3 for SC); update it with current knowledge. 

Directorate may authorise urgent additions 

Indirect targeting - the use of a selector to identify and select the communications 
of one individual with a view to selecting and reporting the activities of another 
individual - the target; such targeting requires an authorisation appropriate to the 
location and nationality of the real target 

Indirect targeting is getting sustained intelligence on A by targeting B. (Wanting 
intelligence on B as well doesn't get you off the hook.) 

Point to note: it is using another selector to get the communications of the target, 
not to find information about him. So it is fine to target a Swedish girl-friend of a 
person in the UK to find out info about him, as long as you defeat communications 
between the two of them. 

e.g. Your target's in South Africa, his wife's in India. Targeting her phone no. to get 
his comms = indirect targeting, but is ok as long as you can demonstrate necessity 
and proportionality. But if target comes from SAto UK, you'll need additional 
authorisation to continue to target the wife's phone no. 
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If no authorisation is sought... 

examine and report traffic intercepted up to 
time you knew target was in UK ....then.... 

use B3M HRA 'register" to alert 

check location using events or THUGGEE 

examine a cut (B3M / UDAQ) every 48 hrs to 
check whereabouts 

The irtfcrmafEnis rirrrt/ under the Freeckm tif Jr/crmalm Ad jOA^fOTAj andmaf under other UK nfcrma/Cim fegelflAtn. Refer 

j£|M or Jjp'i.'I-. 




All this assumes they can't be bothered with any of the authorisation 
options . Ask what this says about the level of justification of the 
target in the first place. 



Note no alert system on text repositories, only voice [and we don't 
know how widely used the B3M mark up is used, tho I think it's 
reasonably well known] 



These days, esp for voice, call records are a better way of tracking 
where someone is, and they're less intrusive 



NB B3M flag only for target in the UK 
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Policy authorisations 

• STA and TTA provide records of actions 
where UK &/or British Overseas Territory 
law does not require authorisation 

• respect 2 nd Party sensitivities 

• actions are validated by a GCHQ senior (or 
nominated GC8s in ITT) 

• we can justify targeting if challenged 

• QC is mandatory 

The irtfcrmdEnis rirrrt/ under the hreerkm rf JrtfcrmdEn Ad talent* under other LK nfcrma/Cim fegelafiDn. Refer any PQJAtjLenes to GCHQ m 

or Jjp't.'l'-. 




No legal authorisations required but action is still sensitive. 
Reassurance to Commissioner/IPT. 
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Datamining STA 

• Datamining STA for target in UK - valid for 
two days 

- named SCS officer signs STA 

- one-off search 

• Count-only searches: no authorisation 
needed 



The irtfcrmafEms c-xrntf under [hr freeckm rf IrtfcrmalEn Ad talent* under Dlhcr UK nlfcrma/Cim fegelafiDn. Refer any FOIAtfenea Ed GCHQ cn I 

Dr .cp'd'.ij-:. 



STA is handled by OPA-DCSD 

SCS sign TTA and datamining STA for targets in the UK - save 
Directorate when novel or sensitive 

For out of hours authorisations the SDO can approve all STA and TTA 
requests as appropriate but authority from one of the above officers 
must be obtained at the earliest opportunity. 



Datamining for targets in the UK - a one-off search per repository; 
must perform search within 2 days but can go back further; can 
examine all hits returned; count-only 



ZTA - ITT only 
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Special C2C authorisations 

• special access to email communications 

• NS only; limited criteria 

• 16(3) or STA also required if location or 
nationality sensitive 

• SCS or GC6 approval 



The irtfcrmafEms c-xrntf under [hr freeckm rf IrtfcrmalEn Ad 2M^POTA.)flndmfly talent* under DEher UK nfcrma/Cim fcgelflflm. Refer any FOIAtfenea Ed GCHQ cn I 

Dr .cp'd'.ij-:. 



STA is handled by OPA-DCSD 



SCS sign TTA and datamining STA for targets in the UK - save 
Directorate when novel or sensitive 



For out of hours authorisations the SDO can approve all STA and TTA 
requests as 

appropriate but authority from one of the above officers must be 
obtained at the earliest 

opportunity. 



Datamining for targets in the UK - a one-off search per repository; 
must perform search within 2 days but can go back further; can 
examine all hits returned; count-only 



ZTA - ITT only 
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SRA 

• authorises receipt of 2 or 3P intelligence on 
UK-based targets ... 

• ... where GCHQ has no authorisation 

• avoids indirect targeting 

• limited period only 



The irtfcrmafEms enema under Or freeckm rf IiYcrmJcn Ad 2M^POTA.)flndmfly ta^nent* under Dlhcr UK nlfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

or Jjp't.'l'-. 



Max 6 months 
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Operational Legalities 
SIGINT Development 



The irfcrmafEms enema under [hr freeckm rf Jr/crmalm Ad 2QQ^F0^)flndmay ta^nem* under Dlher UK nfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

or ^^H&f£h£].g9 .cp'j.iJ-:. 



By its nature, SD can be intrusive to many people's human rights, as it 
can involve large-scale interception of many innocent people, cf. 
interception using strong, known selectors with valid HRA 
justifications. 



SD - can be for technical development or to find target 
communications from bulk data. 
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SD justification 

• Enhancing GCHQ's capabilities is a national 
security purpose 

• TD - improving specific target knowledge, 
identifying new sources etc - is justified by 
the intelligence requirement for that target 



The irtfcrmafEms c-xrntf under [hr hreerkm rf IiYcrnWcn Ad 2M^POTA.)flndmfly talent* under Dlhcr UK nlfcrma/Cim fegelafiDn. Refer any FOIAtfenea Ed GCHQ cn I 

Dr .cp'd'.ij-:. 



Capabilities - vital for the future of SIGINT; may embrace research 
Both are referred to in RIPA certificate. 

If asked, MIRANDA number for system testing is 20141 
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SD proportionality 

Restrict to the minimum necessary: 

• refine wide initial terms 

• define length of task and/or volumes 

• limit dissemination and retention 

Aim: sustained targeting as soon as practicable 



The irtfcrmafEms enema under [hr hreerkm rf IiYcrmJcn Ad 2M^POTA.)flndmfly bncntf under Dlher UK nfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

j£|M or Jjp't.'l'-. 



Capabilities - vital for the future of SIGINT; may embrace research 
If asked, MIRANDA number for system testing is 20141 
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SD reporting 

• you may report from SD traffic 

• reporting guidelines reflect HRA requirements 



The irtfcrmafEms c-xrntf under [hr hreerkm rf IiYcrnWcn Ad 2QQ^F0^)flndm ay talent* under Dlhcr UK nlfcrma/Cim fegelafiDn. Refer any FOIAtfenea Ed GCHQ cn I 

or ^^H&f£h£j.g9 .cp'j.iJ-:. 



Capabilities - vital for the future of SIGINT; may embrace research 
If asked, MIRANDA number for system testing is 20141 
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Content or metadata? 

• voice mail boxes 

• SMS text 

• an email inside a message 

• email subject line 

• URL beyond the domain name 

(eg http : //w w w. my ra i I .com/q u ery-text) 

• an attached routing diagram 

The irtfcrmdEnis rirrrt/ under fl-e Freeckm rf Jrtfcrmdcn Ad 20A^!rOTAj under other LK nferma/Cim bgclaflcn. Refer any POIAtfenea to GCHQ m 

or ^^H^gchqjgu Jjp't.'l'-. 
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Content or metadata? 

• IP address 

• email address 

• DTMF (tone dialling) 

• a URL up to the domain 
(eg http://www.myrail.com/ ) 

• location 



The irtfcrmafEms c-xrntf under [hr freeckm rf IrtfcrmalEn Ad 2M^P0TA.)flndmfly bncntf under Dlher UK nfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ ct 

or Jjp't.'l'-. 



DTMF = dual tone multi-frequency = touch-tone dialling 
- usually metadata but can be content (credit card number) 

URL: not for acquisition 
- yes for queries 

Location is generally metadata too. 

[GCHQ policy is to treat it pretty much all the same whether it's 
content or metadata.] 



Content or metadata? 



• password 

authentication to a communications service - 
communications data 

other passwords - content 

• cookie 

depends on data - may be either 



The irtfcrmafEms BicntfE under Or Freeckm rf IiYcrnWcn Ad 2M^POTA.)flndmfly bncntf under Dlher UK nlfcrma/Cim fegelafitn. Refer any FOIAtfenea Ed GCHQ cn I 

j£|M or ^^H&fFh£].g9 .cp'j.iJ-:. 



Current ruling: content - moving towards metadata, need to flesh out 
a few examples passwords to web sites are metadata; banking etc 
would be content. 



There are specific exemptions, eg PILBEAM, PRIMORDIAL SOUP, NEO 
PUDDING (but getting to be too many exceptions for OPP^LEG liking) 



Future of C2C exploitation ? 

WIPto redefine as metadata if possible 

Other measures possible, eg limit access to these elements of content 
-being explored for HAUSTORIUM 
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The irtfcrmafEms enema under [hr Freeckm rf IiYcrmJcn Ad 200^FDTA.Jflndmflif bncntf under Dlher UK nlfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

j£|M or ^^H&f£h£].g9 Jjp't.'l'-. 



59 





Second Parties 

Australia, Canada, 
New Zealand & USA 



The irtfcrmafEms enema under Or freeckm rf IiYcrmJcn Ad 2QQ^FO^)flndm ay talent* under Dlhcr UK nlfcrma/Cim fegelafiDn. Refer any FOIAtfenea Ed GCHQ cn I 

or ^^H&t£h£j.g9 Jjp't.'l'-. 
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GCHQ and Second Parties 

• partners respect each others' laws and policies 
- 2 nd parties treat UK nationals as their own 

• GCHQ must not ask a 2 nd party to do 
something for which we would need a warrant 

• we must not task a 2 nd party with targeting 
that would be unlawful in that country 



The irfcrmafEms c-xrntf under [hr freeckm rf Irfcrmalcn Ad ay talent* under Dlhcr UK nfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

or Jjp't.'l'-. 
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USSID SP0018 

• No interception of persons in US without 
a warrant 

• Court order needed to intercept US 
persons outside the USA 

• your use of NSA collection & databases 
must respect 2 nd Party laws and policies 



The irtfcrmafEms mem* under Or Freeckm rf IiYcrnWcn Ad 2M^FDJA)andm ay talent* under Dlhcr UK nfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ m I 

or Jjp't.'l'-. 



2 nd bullet - was US Attorney General, but FAA changed to FISA Court. 




3 rd bullet - you wil 

move post or location 

■ 



your account when 



i 




Operational Legalities 

Dissemination & 
Disclosure 
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or Jjp't.'l'-. 
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Dissemination 



EP is sole vehicle for passing intelligence 
to customers 

* Reporting Standards applies 
proportionality principle to EP 



The irtfcrmafEms c-xrntf under [hr hreerkm rf IiYcrnWcn Ad 2QQ^F0^)flndm ay talent* under olhcr UK nlfcrma/Cim fegelafiDn. Refer any FOIAtfenea Ed GCHQ m 

or Jjp't.'l'-. 



Do not send intelligence in emails! - you could end up in court!! 



Disclosure 



SIGINT collected under RIPA may not be 
used in court 

x Relevance to prosecutions 
Public Interest Immunity - PII certificates 



The irtfcrmafEms C5terrtf(! under [hr hreerkm rf IiYcrnWcn Ad talent* under olher UK nlfcrma/Cim fegelafiDn. Refer any FOIAtfenea Ed GCHQ cn I 

or .cp'j.iJ-:. 



Do not send intelligence in emails! - you could end up in court!! 



Warranted intercept under RIPA can not be used in court (at the 
moment) 



PII - used for other intelligence not covered by RIPA eg second party 
reissues. 



Public Interest Immunity (PII) certificate. This document sets out the 
damage that could be caused by exposing GCHQ capabilities. Whilst 
the Foreign Secretary signs the certificate, it is the Judge who has the 
ultimate say as to whether it is upheld (See 

for further details). If the Judge orders in favour of disclosure, the only 
remaining option is to drop part or all of the case; 

Drop the case. If the Judge rejects the PII certificate and orders that 
disdosure should be made in the public interest, we would seek to 
have that part of the case, or in extreme circumstances the case in its 
entirety, dropped. 
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Questions? 
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Operational Legalities 
Safeguards and Oversight 
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or ^^H&t£h£j.g9 Jjp't.'l'-. 
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RIPA safeguards 

intercepted material must be destroyed as 
soon as its retention is no longer necessary... 

^ it must be looked at, copied and disseminated 
to the minimum necessary... 

...for a purpose authorised under the Act 

^ as a matter of policy, GCHQ applies this ethos 
to all material it acquires, regardless of source 

^ policies for EP and data retention 



The irtfcrmafEms Mem* under [hr Frerckm rf IiYcrnWcn Ad ay talent* under Dlher UK nfcrma/Cim fcgelflflm. Refer arp 1 FClIA tf-mrs Ed GCHQ cn I 

or Jjp't.'l'-. 
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Errors and breaches 



mistakes happen and we report them 
OPP-LEG and LA role: help & advice 
an apparent error may be: 
breaking the law ® 

a breach of RIPA safeguards O 

nothing to worry about! O 

response: procedures, processes & training 
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or Jjp't.'l'-. 
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Political oversight 

Executive - a Secretary of State exercises 
authority over the I & S services and is 
answerable to Parliament 

Parliament - Intelligence & Security 
Committee examines expenditure, 
administration and policy (not operations); 
members within the circle of secrecy; reports 
annually to Parliament 



The irfcrmaicnia rirrrt/ under the Freeckm rf JiYnnWcn Ad 20A^!rOTAj an^map- under other LK nfcrma/Cim bgclaflcn. Refer arp 1 FOIA tf.cn es to GCHQ m 

or Jjp't.'l'-. 
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Judicial oversight: 
Commissioners 

Senior Judges: independent of HMG and 
Parliament 

review Secretary of State's use of powers 
under RIPA/ISA 

>- guaranteed access to agencies 
annual reports to the Prime Minister 

The irtfcrmafcnis rxrrn/ under the freeckm rf IiYcrmJcn Ad 20A^!rOTAj under other LK nfbrma/Cim bgclaflcn. Refer arp 1 FOIA. tf.cn es Ed GCHQ m 

or ^^H^gchqjgu ipv.Lk 



Interception Commissioner - Sir Paul Kennedy 
Intelligence Services Commissioner - Sir Peter Gibson 
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Investigatory Powers 
Tribunal (IPT) 

• comprises 8 independent lawyers 

• investigates complaints against Agencies, law 
enforcement etc 

• anyone, anywhere may complain 

• more than 40 people within GCHQ assist in 
responding to complaint; audit logs 

The irtfcrmafcnis cuntf under the Freeckm of Irfcrmalcn Ail 2QQ^FUTA.)flndmfly talent* under other UK nltrmiCicn fegeslaflcn. Refer any PQJAtfencs to GCHQ on 

j£|M or Jjp't.'l'-. 
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The Tribunal will ask... 

• what did we do? 

• was the action authorised ? 

• was it necessary ? 

• was it proportionate ? 

• did GCHQ act reasonably & within its powers? 

Ihei irfcrnidlnmu rxm*/ under Ehe FrKcfcrn rf IiYmnJcn Ail under other LK nltrmrficn fcgeslflfltn. Refer err/ FDTA.cfjme'j to GCHQ on ^H| 

|£[^H or ^^H^gchqjgu Jjp't.'l'-. 
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Operational Legalities 
Wrap up 



The irtfcrmafEms enema under Or freeckm rf IiYcrmJcn Ad 2QQ^FO^)flndm ay talent* under Dlhcr UK nlfcrma/Cim fegelafiDn. Refer any FOIAtfenea Ed GCHQ cn I 

or ^^H&t£h£j.g9 Jjp't.'l'-. 
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Key points: 'GCHQ does it legally' 

1. Your work must be: 

- authorised 

- necessary _ ^ 

- proportionate Location. 

beware UK & UKUSA 

- seek authorisation 




3. Errors: we are 

honest and report them 

Currently a hidden slide 
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1. You are responsible for this 

2. Location - law 
nationality - policy 

3. We will help you and agree measures to prevent recurrence 
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What does this mean for me? 



• Collection/technical staff: know what you can 
and cannot intercept 

• Collection manager: help analysts ensure 
selectors are justified and proportionate 

• Analyst/linauist: justify your targeting, seek 
warrant or STA where necessary 

• Reporter: report only what is necessary to 
address the requirement 



Currently a hidden slide 

*TL... " * ri ~ ■ T—f ■ i> .i "i , r L r L r i 
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Contacts 



• visit OPP-LEG in B4a 

• call RUSSETT 36559 

• email ^ }pgchq 

• OPP-LEG web pages & compliance website 

• speak to your Legal POC 



The irtfcrmafEms r-xrntf under [hr Freeckm of IrtfcrmalEn Ad 200^FDTA.Jflndmflif bncntf under Dlher UK nfcrma/Cim fegelafitTi. Refer any FOIAtfenea Ed GCHQ cn I 

or ^^H&f£h£].g9 .cp'd'.ij-:. 



Don't forget to sign the attendance sheet or you'll have to come all 
over again! 

....or add your name if it's not there. 
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Legal & Policy Leads 




Don't forget to sign the attendance sheet or you'll have to come all 
over again! 

....or add your name if it's not there. 
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Questions? 
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